John Ribeiro reports: A subcommittee of the U.S. House of Representatives has proposed requiring vehicle manufacturers to state their privacy policies, besides providing for civil penalties of up to US$100,000 for the hacking of vehicles. The lawmakers have also proposed that the National Highway Traffic Safety Administration set up an Automotive Cybersecurity Advisory Council to…
Category: Of Note
Lawful Hacking After the Encryption Debate
Marshall Erwin writes: The Obama administration has apparently decided not to support exceptional access proposals that would provide law enforcement with the means to access data on iPhones and other personal devices. As I argued previously on Just Security, instead of pursuing exceptional access, policymakers should seek to build a durable legal structure that would provide the FBI with the…
Feds charge Ardit Ferizi, a/k/a @Th3Dir3ctorY, with creating hit list of American military, govt employees for ISIS
Was a hack of a U.S. retailer used to develop an ISIL hit list of American military members and government employees? According to a federal complaint unsealed today, it appears it was. From the Department of Justice: Malaysian authorities have detained Kosovo citizen Ardit Ferizi in Malaysia on a U.S. provisional arrest warrant alleging that he provided…
Australian data breach notification laws will not be passed in 2015: Brandis
Yes, let’s enact mandatory data retention laws without any companion protections or data breach notification requirements. Way to go, Australia! Chris Duckett reports: Despite the Joint Parliamentary Committee on Intelligence and Security recommending that Australia have data breach notification laws in place before the end of 2015, Australian Attorney-General George Brandis told the Senate on Tuesday that…
Three-Bill Package Makes Revisions to California’s Data-Breach Notification Statute
Brandon Johnson writes: On October 6, 2015, California Governor Jerry Brown signed into law a trio of bills that is intended to clarify key elements of the state’s data-breach notification statute and provide guidance to persons, businesses, and state and local agencies that deal with electronically stored personal information. The bills, which were passed together…
Hackers target Australian health sector, selling records for A$1,000
Beverley Head reports: Hackers are targeting the Australian health sector, with fully populated digital health records sold on the black market for up to A$1,000 each. Plans to make the personally controlled electronic health record (PCEHR) an opt-out – rather than the current opt-in regime – could significantly expand the range of targets for health hackers….